Earthweb: Backdoors, Back Channels and HTTP(S)

"As a network or system administrator, you usually desire the ability to limit what goes into
and comes out of your network. People achieve this through a variety of methods, the
most common by far being firewalls. However, most firewalls and networks in general do
have one service they will allow no matter what - the ability for users to surf the Web.
HTTP is a very simple (compared to, say, FTP) and well understood protocol, and almost
every workstation on any given network is allowed to send out HTTP requests, and usually
servers are as well."

"Unfortunately, by choosing to move data over popular protocols such as HTTP, especially
when it can be easily encrypted, the software firms will make life extremely difficult for
corporate network administrators who want to control what services and types of
information enter and leave their networks. ..."
Unfortunately, by choosing to move data over popular protocols such as HTTP, especially
when it can be easily encrypted, the software firms will make life extremely difficult for
corporate network administrators who want to control what services and types of
information enter and leave their networks.